CDPP-Module-Audit

FDPPI is developing Data Protection Professionals who are appropriately skilled in relevant law, and other knowledge and skills required to be an effective Data Protection.

The Complete Certification program developed by FDPPI consists of 5 modules of which Module I on Indian Laws and Module G on Global laws have already been rolled out. The three other modules envisaged under this comprehensive skill development program consists of “Technology”, “Audit” and “Behavioural Skills” out of which the “Audit” module is being rolled out now.

The Personal Data Protection Bill 2019 (PDPB 2019) is expected to be law soon and there will be a surge of demand for trained Data Protection Professionals in India in the coming months. It is expected that many organizations would also be scrambling to put in place a compliance program to conform to the requirements of the emerging Personal Data Protection Act in India.

It has therefore been decided  to launch the module on Audit in the month of January 2021 to supplement the Law related modules namely Module I and Module G.

This program would cover the following four distinct topics

a) Data Protection Impact Assessment (DPIA)

b) Harm Audits

c) Data Breach Audits

d) Data Protection Law Compliance audit including a detailed discussion of PDPSI framework and accompanying Data Trust Score (DTS) mechanism.

FDPPI is adopting the Personal Data Protection Standard of India (PDPSI) as a foundation framework on which organizations can seek “Certification of Compliance” and an assessment of Data Trust Score  as envisaged in PDPB 2019.

Persons who pass through this Module would be initially  able to provide implementation consultancy and some of them would also be able to certify organizations for compliance.

The Concept of PDPSI with its set of Standards and Implementation Specifications can help an organization to implement a compliance program on its own and if necessary, seek certification. In case they so desire, they can use the assistance of consultants to implement the PDPSI framework within their organization.

The Module-A of the “Certified Data Protection Professional” covers different aspects o PDPSI in detail so that the participants can provide necessary consultation to companies on implementation of personal data protection laws including the forthcoming law in India based on PDPB 2019 as well as the GDPR or other laws which are already prevalent.

The schedule for the program would  be announced through this page. Kindly await details.

Registration Fees

The consolidated payment for training, examination and certification for Module A are as follows

  1. For members of FDPPI  as of 31st December 2020          : Rs 6000/-.
  2. Members who join FDPPI on or after 1st January 2021Rs 9000/-

(Kindly note that the above fee is a consolidated payment for training, examination and certification . This certification is for having completed the Module-A training only. Accreditation as a PDPSI auditor is subject to fulfillment of other norms).

In case participants would like to complete Module I and Module G, they may undergo the online recorded Video based training and take up the certification exam. The consolidated fee for these are as follows:

Module I : Rs 9000/- (Excluding membership fee for non members)

Module G: Rs 9000/-(Excluding membership fee for non members)

Both Module I and Module G: Rs 15000/- (Excluding membership fee for non members)

Kindly note that all persons who undergo Module I training will be provided with one additional online training free of charge, after the passage of the Bill to cover the changes that may be made by the Government to the PDPB 2019 at the time of its passage.

The last date for registration would be January 18, 2021. The sessions will be held on Saturdays and Sundays starting from 23rd February 2021, One session (11.00 am to 12.30 pm) in the morning and One session in the afternoon (3.00 pm to 4.30 pm).

Tentative Schedule

 

Session Topic Faculty Date Time
1 Introduction to Data Audit… Naavi Jan 23 11.00 am to 12.30PM
2 Overview of PDPB 2019 Naavi Jan 23 3.00 pm to 4.30 pm
Optional Assignment 1
3 Harm Audit and DPIA Audit .. Example Rakesh Goyal Jan 24 11.00 am to 12.30PM
4 Data breach Audit… Example Naavi Jan 24 3.00 pm to 4.30 pm
5 Data Protection Compliance Audit Naavi Jan 30 11.00 am to 12.30PM
Optional Assignment-2
6 PDPSI- Standards Naavi Jan 30 3.00 pm to 4.30 pm
7 PDPSI- Implementation Specifications: 1: Management Controls Naavi Jan 31 11.00 am to 12.30PM
8 PDPSI- Implementation Specifications: 2: DPO Controls Naavi Jan 31 3.00 pm to 4.30 pm
9 PDPSI- Implementation Specifications: 3: Legal and HR Controls Naavi Feb 6 11.00 am to 12.30PM
10 PDPSI- Implementation Specifications: 4:  IT Controls Ramesh Feb 6 3.00 pm to 4.30 pm
11  DTS Naavi Feb 7 11.00 am to 12.30PM
12 Discussions Feb 7
Mandatory Assignment 3

 

The sessions will be followed by a mandatory “Assignment”   and an online exam after a gap of about 3 or 4 weeks.

Accreditation of PDPSI Auditors

FDPPI proposes to accredit trained professionals who have undergone all the three modules of the Certification program namely Module I, Module G and Module A as “Provisionally Accredited PDPSI Auditors” who can conduct “Data Protection Compliance Audits” as envisaged under PDPB 2019.

Accredited Auditors are also required to conform to norms of keeping themselves updated with the current changes in global laws and other related aspects.

The Module-A training would therefore be a very important facet of the required skill sets of a Data Protection Professional who would like to be an Auditor.

The “Provisionally Accredited Auditors”  would be required to complete all the 5 modules of the CDPP program in due course. Since only three modules would have been launched by the time this Module-A is completed, the accreditation at present would be a “Provisional Accreditation”.

This would be reviewed subsequently after the two other modules are also available, providing reasonable time for the persons who complete the first three modules to complete the other modules.

PDPSI Consultants who acquire a minimum level of implementation experience would be accredited as Auditors by virtue of their experience. The detailed norms for the same would be announced in due course.

All persons who complete the certification may provide implementation consultancy while the number of professionals who may be recognized as Certification auditors may be restricted based on the policies to be set by the “PDPSI Certification Governance Committee” to be set up by FDPPI to determine the accreditation norms for Certification Auditors.

Naavi

Application for Enrollment for Certification Program

Registration for Certification Modules
Course *
Membership fee if not a Member at present,

P.S: Training is offered by Cyber Law College (Ujvala Consultants Pvt Ltd) as Training Partner

For more details, contact FDPPI over email. over fdppi@ fdppi.in